Please filter out duplicate keyrings
kfitzner at excelcia.org
Mon Jan 16 08:33:48 CET 2006
I have requested this before, and was turned down. However, this is
becoming more and more of an issue, so I would like to ask please that
GnuPG be modified to filter out duplicate keyrings.
I do not believe it would be a technical challenge for GnuPG to add
filtering. It only requires filtering by the canonical filename of the
keyring, not by key. At the very least, perhaps an explicit keyring can
be ignored if it matches the default keyring. This should catch 99.9%
of all keyring duplications.
As it stands, all it takes to get duplicate keys from GnuPG is to
explicitely add a keyring entry to gpg.conf that is also the default
keyring. This is not an unreasonable thing for a person to do. I have
helped users complaining of duplicate keys more than once in several
front ends. The last was just a week ago: http://tinyurl.com/d5d2a
It is a real challenge for me with GPGee to deal with duplicate keys.
The obvious answer is just to filter them out, which I do. But I have
found that the library I use assumes that when a single key is asked for
from GnuPG that a single key will be given. It is not trivial to fix
this assumption. Because of the read buffering, GPGee can handle this
if the keys are small (in this case small means few user ids and
signatures). If the key is complex with many signatures (PGP global
directory trash), then GPGee hangs.
While duplicate keys is not a bug per se, asking for a single key by
fingerprint and getting it twice violates at least the spirit of what
you are asking gpg to do.
If nothing more than as a personal favor to me and perhaps other
front-end authors, can GnuPG please be patched to filter out duplicates.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 305 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060116/0ef779ee/signature.pgp
More information about the Gnupg-devel